互联网BGP路由可视及安全检测技术架构与实践

边界网关协议（border gateway protocol，BGP）是支撑互联网50年来快速发展的核心协议，因早期设计考虑不足一直存在路由劫持、路由泄露等路由安全威胁漏洞。随着互联网应用日益深入，BGP 路由安全问题逐渐引起业界重视，边界网络安全防护意义重大。提出了一种BGP路由安全检测架构，通过推理构建全球BGP路由知识库实现互联网全局路由可视性，并基于此实现路由劫持、路由泄露等路由安全事件的准实时检测。通过在杭州交换中心部署实践，证明本系统可构造较完整的互联网全局路由知识库、实现较准确和实时的BGP路由安全事件检测。

Architecture and practice of BGP internet routing visibility and security detection

Border Gateway Protocol (BGP) is the de facto inter-domain routing protocol of today’s global internet for exchanging routing information.However, it was supposed that all participants were reliable without generating routing security issues by mistakes or on purpose when BGP was designed 50 years ago.As Internet is getting involved in all aspects of our society, internet routing security is becoming the problems that couldn’t be ignored anymore.A general architecture was proposed which coved inference of BGP routing knowledge database and provided visibility of global internet routing.Detection of route security events such as routing hijacks and routing leaks were realized.The deployment shows that the system can provide good visibility of internet routing and precise detection of routing security events.